|
I'm connecting from within my network via IP. So for the cert the hostname would be 192.168.###.###?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
That should work, but I've never tried binding a cert to an IP address. Is there some reason you can't use the host name instead?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
I guess I could. But I would be making one up as I have no host name. Could I just use "www.mysite.com"?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Yes, if you can edit the hosts file on the machine that's making the connection.
Otherwise, just use the name of the machine you're connecting to.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
OK, so I can do:
New-SelfSignedCertificate -DnsName "marois_dev_1" -CertStoreLocation "cert:\LocalMachine\My" where marois_dev_1 is my server name?
and run this in PowerShell on my server.
Then use that cert in IIS on my server?
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Yes, that should work.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Would a site name of localhost or 127.0.0.1 / 127.0.0.0 work?
|
|
|
|
|
That would only work if your client was running on the server. The localhost name and the loopback address always point to the current computer.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Richard Deeming wrote: New-SelfSignedCertificate -DnsName "your-host-name" -CertStoreLocation "cert:\LocalMachine\My"
Can you clarify the -CertStoreLocation here? I don't understand where the cert was created?
Thank you
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
It's created in the "computer account" certificate store, under the "Personal" folder.
It won't appear in certutil.msc ; you'll need to open up MMC, add the certificates snap-in, and select "computer account".
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Richard, thanks for your help so far, however, I'm still stuck on this and could use some more help.
Here's what I;ve done so far:
1 - Created a self-signed cert. Here
2 - The Cert appears in the cert store. Here
3 - The cert appears in IIS. here
4 - Add the API in IIS using the cert. Here
5 - Browse the site in IIS. I still get the cert error. Here
I'm guessing that I'm still missing something.
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Your OneDrive links all return "Something went wrong" errors for me.
What's the text of the error message?
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
"There is a problem with this website's security certificate.
The security certificate presented by this website was issued for a different website's address
The security certificate presented by this website was not issued by a trusted certificate authority"
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Kevin Marois wrote: The security certificate presented by this website was not issued by a trusted certificate authority"
Which is to be expected when you're using a self-signed certificate; it wasn't issued by a trusted certificate authority.
Kevin Marois wrote: The security certificate presented by this website was issued for a different website's address
That suggests you generated the cert for a different host name than the one you're using in the client. For example, if you generated a cert for "localhost", and try to connect to "my-super-pc-name", you'll get this error.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Well, it seems that I can now access the API on my server from my Dev PC using Postman:
https:
This part appears to be resolved.
Now, I tried to allow access to the API from OUTSIDE my home network I've opened the port on the firewall and router, but it throws
"An error occurred while sending the request. "
with 2 inner exceptions
Inner Exception 1:
WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Inner Exception 2:
AuthenticationException: The remote certificate is invalid according to the validation procedure.
I'm guessing the self-signed cert won't work for this?
[UPDATE]
This works, but I'd like to hear your thoughts on all of this
[https://stackoverflow.com/questions/703272/could-not-establish-trust-relationship-for-ssl-tls-secure-channel-soap](https://stackoverflow.com/questions/703272/could-not-establish-trust-relationship-for-ssl-tls-secure-channel-soap)
System.Net.ServicePointManager.ServerCertificateValidationCallback =
((sender, certificate, chain, sslPolicyErrors) => true);
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
modified 10-Aug-22 18:36pm.
|
|
|
|
|
The exception from outside is the same as before: a self-signed certificate is not issued by a trusted CA, and won't be trusted by default.
The validation callback you've shown will work, but only by turning off all SSL validation. If someone managed to poison the DNS for your external users, they can easily impersonate your service with any certificate, even if it doesn't match the name you've used.
You would do better to examine the parameters passed in, and verify that the certificate matches the one you're expecting. But then you would have to update that callback every time your certificate expired and was replaced.
Alternatively, you could try to convince your external users to add your certificate to the "trusted" certificate store.
But the simplest option is to use a proper domain name, and get a proper certificate. You don't even have to pay for it - so long as your domain can be resolved publicly, you can use Let's Encrypt[^] to get a free cert.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Great. Thank you again
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
I want to display Snowflake data into a visualization format in my page (react page). I am able to create a sample data in snowflake. But, I want to embed visualized snowflake data in my React page. I read about visualization snowflake data through charts and looked at Snowflake Snowsight, but looks like they are not satisfying my requirement. I want to display / embed visualized Snowflake data in my own React page. Please guide how to achieve this?
|
|
|
|
|
Snowsight is a product in its own right.
To create visualisations on a React page, it doesn't matter where the data comes from. Connect to Snowflake and query the data (not using the Snowflake UI) or download data (from the Snowflake UI) to a CSV or similar.
For visualisations of that data, start your research here: embed data visualisation into react - Google Search[^]
|
|
|
|
|
I have this API controller method
[HttpGet]
public HttpResponseMessage GetPersonList(int personTypeId = 0, int clientRepId = 0)
{
var response = new HttpResponseMessage();
try
{
var data = Repository.GetPersonList(personTypeId, clientRepId);
response = Request.CreateResponse(HttpStatusCode.OK, data);
}
catch (Exception e)
{
response = Request.CreateErrorResponse(HttpStatusCode.InternalServerError, e);
}
return response;
}
It's working and has data, and when I call it from Postman I can see the complete JSON.
Here's my client:
public class APIExecutor
{
private HttpClient _client;
public APIExecutor(string baseAddress, HttpClient client = null)
{
if (client != null)
{
_client = client;
}
else
{
_client = new HttpClient();
}
_client.BaseAddress = new Uri(baseAddress);
_client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
}
public async Task<T> GetAsync<T>(string action, Dictionary<string, dynamic> parameters)
{
T results = default(T);
try
{
var queryString = CreateQueryString(action, parameters);
HttpResponseMessage response = _client.GetAsync(queryString).Result;
var xxx = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
var responseString = await response.Content.ReadAsStringAsync();
results = await ReadAsAsync<T>(response.Content);
}
else
{
HandleException(response);
}
}
catch (Exception e)
{
throw;
}
return results;
}
private async Task<T> ReadAsAsync<T>(HttpContent content)
{
var results = JsonConvert.DeserializeObject<T>(await content.ReadAsStringAsync());
return results;
}
}
Anyone see what's wrong?
Thanks
If it's not broken, fix it until it is.
Everything makes sense in someone's mind.
Ya can't fix stupid.
|
|
|
|
|
Just a guess - why dynamic and does ReadAsStringAsync deal with "dynamic" content?
Never underestimate the power of human stupidity -
RAH
I'm old. I know stuff - JSOP
|
|
|
|
|
The dictionary is parameters going to the controller and is working ok. The params make it to the controllwe.
The problem is the JSON coming back is empty
|
|
|
|
|
Kevin Marois wrote:
public async Task<T> GetAsync<T>(string action, Dictionary<string, dynamic> parameters)
{
...
HttpResponseMessage response = _client.GetAsync(queryString).Result; Why? You're in an async method, so don't use the potentially deadlock-inducing .Result to synchronously get the result of a task. Just await the task.
HttpResponseMessage response = await _client.GetAsync(queryString);
Also, your controller can be simplified to:
[HttpGet]
public IEnumerable<Person> GetPersonList(int personTypeId = 0, int clientRepId = 0)
{
return Repository.GetPersonList(personTypeId, clientRepId);
} If an unhandled exception is thrown, the framework will return an error response for you.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Message Closed
modified 13-Jul-22 13:12pm.
|
|
|
|
|
A completely empty response, or an empty JSON array?
If it's an empty JSON array, that would suggest your repository isn't returning any data.
If it's a completely empty response, that would suggest a different problem.
Either way, you'll probably need to compare the raw network request made by your code to the working one sent via Postman to see what's different.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|